Author: jezdez
Date: 2012-02-09 10:57:40 -0800 (Thu, 09 Feb 2012)
New Revision: 17474
Modified:
django/trunk/django/contrib/auth/admin.py
django/trunk/tests/regressiontests/admin_views/customadmin.py
django/trunk/tests/regressiontests/admin_views/tests.py
Log:
Fixed #16958 -- Correctly use the queryset method in the auth app's UserAdmin
class. Thanks, mpaolini.
Modified: django/trunk/django/contrib/auth/admin.py
===================================================================
--- django/trunk/django/contrib/auth/admin.py 2012-02-09 18:57:31 UTC (rev
17473)
+++ django/trunk/django/contrib/auth/admin.py 2012-02-09 18:57:40 UTC (rev
17474)
@@ -117,7 +117,7 @@
def user_change_password(self, request, id, form_url=''):
if not self.has_change_permission(request):
raise PermissionDenied
- user = get_object_or_404(self.model, pk=id)
+ user = get_object_or_404(self.queryset(request), pk=id)
if request.method == 'POST':
form = self.change_password_form(user, request.POST)
if form.is_valid():
Modified: django/trunk/tests/regressiontests/admin_views/customadmin.py
===================================================================
--- django/trunk/tests/regressiontests/admin_views/customadmin.py
2012-02-09 18:57:31 UTC (rev 17473)
+++ django/trunk/tests/regressiontests/admin_views/customadmin.py
2012-02-09 18:57:40 UTC (rev 17474)
@@ -6,6 +6,8 @@
from django.conf.urls import patterns
from django.contrib import admin
from django.http import HttpResponse
+from django.contrib.auth.models import User
+from django.contrib.auth.admin import UserAdmin
from . import models, forms, admin as base_admin
@@ -30,6 +32,14 @@
def my_view(self, request):
return HttpResponse("Django is a magical pony!")
+
+class UserLimitedAdmin(UserAdmin):
+ # used for testing password change on a user not in queryset
+ def queryset(self, request):
+ qs = super(UserLimitedAdmin, self).queryset(request)
+ return qs.filter(is_superuser=False)
+
+
site = Admin2(name="admin2")
site.register(models.Article, base_admin.ArticleAdmin)
@@ -37,3 +47,4 @@
site.register(models.Thing, base_admin.ThingAdmin)
site.register(models.Fabric, base_admin.FabricAdmin)
site.register(models.ChapterXtra1, base_admin.ChapterXtra1Admin)
+site.register(User, UserLimitedAdmin)
Modified: django/trunk/tests/regressiontests/admin_views/tests.py
===================================================================
--- django/trunk/tests/regressiontests/admin_views/tests.py 2012-02-09
18:57:31 UTC (rev 17473)
+++ django/trunk/tests/regressiontests/admin_views/tests.py 2012-02-09
18:57:40 UTC (rev 17474)
@@ -2946,7 +2946,12 @@
response = self.client.get('/test_admin/admin/admin_views/pizza/add/')
self.assertEqual(response.status_code, 200)
+ def test_user_password_change_limited_queryset(self):
+ su = User.objects.filter(is_superuser=True)[0]
+ response = self.client.get('/test_admin/admin2/auth/user/%s/password/'
% su.pk)
+ self.assertEquals(response.status_code, 404)
+
class RawIdFieldsTest(TestCase):
urls = "regressiontests.admin_views.urls"
fixtures = ['admin-views-users.xml']
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
